General
-
Target
010f3cdacf80a2d760aec6282ce7ca9d_JaffaCakes118
-
Size
1.1MB
-
Sample
240622-dw319szbjn
-
MD5
010f3cdacf80a2d760aec6282ce7ca9d
-
SHA1
490e8a056f1c2347342861e7f0cb0e32de2c5f94
-
SHA256
07ddbb636e90ed74017bc7f8fd330ff717bab9309c0b004fded3d5da64373f87
-
SHA512
7906322ffa758a500acba118c0346e3a80394ac9a8f613de2f67f2847e43b551ddc356843bde5baffc159cd6d75a44bb63b84aa5097c1c8cfceebf63536b2299
-
SSDEEP
24576:CNsJWCAFkbBHWDaevRb8iF6c3d+LsewJD443OSqTPnPnk:ipFQHmtlALWJDF3OpnPk
Static task
static1
Behavioral task
behavioral1
Sample
010f3cdacf80a2d760aec6282ce7ca9d_JaffaCakes118.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
010f3cdacf80a2d760aec6282ce7ca9d_JaffaCakes118
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-